Som du ser är vår webbplats inte anpassad för äldre webbläsare. Vi rekommenderar att du uppgraderar till en nyare webbläsare.

Publicerad - Veckobrev

CERT-SE:s veckobrev v.46

F0 0F C7 C8

Samt en riktigt trevlig helg önskar vi på CERT-SE!

Nyheter i veckan

Threat Alert: TCP Amplification Attacks
https://blog.radware.com/security/2019/11/threat-alert-tcp-reflection-attacks/

Did the recent malicious BlueKeep campaign have any positive impact when it comes to patching?
https://isc.sans.edu/forums/diary/Did+the+recent+malicious+BlueKeep+campaign+have+any+positive+impact+when+it+comes+to+patching/25506/

How much does it cost to launch a cyber-attack?
https://www.techcentral.ie/how-much-does-it-cost-to-launch-a-cyber-attack/

One of the world’s most advanced hacking groups debuts new Titanium backdoor
https://arstechnica.com/information-technology/2019/11/newly-discovered-titanium-backdoor-employs-clever-ways-to-go-undetected/

DNS-over-HTTPS will eventually roll out in all major browsers, despite ISP opposition
https://www.zdnet.com/article/dns-over-https-will-eventually-roll-out-in-all-major-browsers-despite-isp-opposition/

As 5G Rolls Out, Troubling New Security Flaws Emerge
https://www.wired.com/story/5g-vulnerabilities-downgrade-attacks/

Apple Mail Stores Encrypted Emails in Plain Text Database
https://medium.com/@boberito/apple-mail-stores-encrypted-emails-in-plain-text-database-fix-included-3c2369ce26d4

Former Trend Micro employee enabled scam calls by stealing customers' personal data
https://www.cyberscoop.com/trend-micro-customer-data-stolen-scam/

Major ASP.NET hosting provider infected by ransomware
https://www.zdnet.com/article/major-asp-net-hosting-provider-infected-by-ransomware/

US-CERT warns of critical flaws in Medtronic equipment
https://nakedsecurity.sophos.com/2019/11/13/us-cert-warns-of-critical-flaws-in-medtronic-equipment/

CERT-special

Så skyddas Sveriges mest kompetenta nätverk
https://computersweden.idg.se/2.2683/1.726275/sunet-cert-skyddas-sverige

Polisens cert vilar aldrig – ”Vi ska bli bättre än FRA”
https://computersweden.idg.se/2.2683/1.726123/polisen-cert-skydd-it

Chip-special

Intel Failed to Fix a Hackable Chip Flaw Despite a Year of Warnings
https://www.wired.com/story/intel-mds-attack-taa/

Intel Releases Security Updates
https://www.us-cert.gov/ncas/current-activity/2019/11/12/intel-releases-security-updates

ZombieLoad Attack - Return of the Leaking Dead
https://zombieloadattack.com/

TPM—Fail - TPM meets Timing and Lattice Attacks
http://tpm.fail/

CERT-SE i veckan

Adobe säkerhetsuppdaterar fyra produkter

Microsofts säkerhetsuppdateringar för november